Hi,
since today I have an error during “apt update” on an ubuntu 20.04 system. I saw some new instructions on apt.syncthing.net and followed them. However, this error remains: Fehl:15 https://apt.syncthing.net syncthing Release Certificate verification failed: The certificate is NOT trusted. The certificate chain uses expired certificate. Could not handshake:
I got the newest gpg file, just moments ago, so I guess the file is out-of-date…
The letsencrypt intermediary certificates expired, and our Caddy is not renewing them. I’m looking into it.
Thanks…
The certificates look correct to me now, but there are apparently issues with openssl compatibility on some hosts, and possible outdated local certificate stores.
To connect to LE-certified sites from clients with old openssl 1.0 (example: apt/wget in debian 8/debian 9) you need to remove expired certificate from your machine.
#dpkg-reconfigure ca-certificates
Then “Yes”. Deselect “mozilla/DST_Root_CA_X3.crt”! “Ok”.
This did the trick. Thanks…
Hi,
I have the same problem, how did you 'Deselect’mozilla/DST_Root_CA_X3.crt ?
This is what I see:
[*] mozilla/DST_Root_CA_X3.crt
Thanks,
Pete
Depends on your terminal, but usually you select the item with arrow keys and then press space to deselect it. Confirm your selection with enter.
Space must about the only thing I didn’t try…Thanks
I tried the solution suggested above, with no effect.
This worked for me: sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys D26E6ED000654A3E
Apt update no longer complains.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.